<script type='text/javascript'>
	function getQuantity() 
	{ return document.forms["form"]["quantity"]; }
</script>
<?php

	if (isset($_GET['type']) && isset($_GET['price']))
	{
		$username = $_SESSION['username'];
		$type = $_GET['type'];
		$playerCash = getPlayerCash();
		$price = $_GET['price'];		
		if ($price > $playerCash)
		{
			echo "You do not have enough money to buy a $type. <a href='index.php?view=addroom'>Back</a>";
		} else {
			$playerCash = $playerCash - $price;
			$owner_id = mysql_result(mysql_query("SELECT id FROM users WHERE username='$username'"), 0);
			$room_id = mysql_result(mysql_query("SELECT id FROM room_types WHERE name='$type'"), 0);
			$hospital_id = mysql_result(mysql_query("SELECT id FROM hospitals WHERE owner_id=$owner_id"), 0);
			mysql_query("UPDATE users SET cash=$playerCash WHERE username='$username'");
			mysql_query("INSERT INTO rooms (type_id, hospital_id) VALUES ('$room_id', '$hospital_id')");
			echo "$type bought for \$$price. You now have \$$playerCash <br /><br />";
			echo "<a href='index.php?view=addroom'>Buy More Rooms</a><br /><a href='index.php?view=building'>Building Information</a>";
		}
	} else {

	echo "<fieldset>";
	echo "<legend><b>Buy Rooms</b></legend><br />";
	echo "<table width='300' cellpadding='10'><center>
	<tr><th> Room Type </th><th> Price </th><th> </th></tr>";
	for ($i = 0; $i < mysql_num_rows(mysql_query("SELECT name FROM room_types")); $i++)
	{
		$result = mysql_query("SELECT * FROM room_types");
		$price = mysql_result($result, $i, "price");
		$type = mysql_result($result, $i, "name");
		echo "<tr><td> $type </td><td> $price </td><td> <a href='index.php?view=addroom&amp;type={$type}&amp;price={$price}'>Buy</a> </td></tr>";
	}
	echo "</table></center><br />";
	echo "<a href='index.php?view=building'>Back to Building Information</a>";
	echo "<br /></fieldset>";
	}
	
	function getPlayerCash()
	{
		$username = $_SESSION['username'];
		$result = mysql_query("SELECT cash FROM users WHERE username='$username'");
		$cash = mysql_result($result, 0);
		if ($cash != NULL) {
			return $cash;
		} else { return 0; }
	}
	
/*
	$user_result = mysql_query("SELECT * FROM users WHERE username='{$_SESSION['username']}'");
	$user_id = mysql_result($user_result, 0, "id");
	$hospital_id = mysql_result(mysql_query("SELECT id FROM hospitals WHERE owner_id=$user_id"), 0);
	$cash = mysql_result($user_result, 0, "cash");
	
	$numrooms = mysql_num_rows(mysql_query("SELECT id FROM rooms WHERE hospital_id=$hospital_id"));

	echo "<fieldset>";
	echo "<legend><b>Buy Rooms</b></legend><br />";
	echo "<form width='200' method='GET' action='index.php?view=addroom'><center>
	<table cellpadding='10'>
	<tr><th> Room Type </th><th> Price </th><th> Quantity </th><th> </th></tr>";
	for ($i = 0; $i < mysql_num_rows(mysql_query("SELECT name FROM room_types")); $i++)
	{
		$result = mysql_query("SELECT id,name,price FROM room_types");
		$room_id = mysql_result($result, $i, "id");
		$room_price = mysql_result($result, $i, "price");
		$room_type = mysql_result($result, $i, "name");
		echo "<tr><td> {$room_type} </td><td> \${$room_price} </td><td> <input type='text' name='$room_id' size='3' value='0'> </td><td> <a href=''>Buy</a> </td></tr>";
	}
	echo "</table></center></form><br />";
	echo "<a href='index.php?view=building'>Back to Building Information</a>";
	echo "<br /></fieldset>";
*/

?>